b. The on-the-fly patching part of the code is probably called on virtual memory page remapping and does additional patching in place. It identifies whether a page requires patching by calculating its "hash" and comparing it to the table entries. One of the patches enables a developer menu/settings called "category_game_tool2.xml#root", which probably enables support of the pkgs and other dev stuff.

Can't we just enable the same way the OtherOS menu that was removed?

Besides that: where can I find the disassembler/debugger for the self/elf files of PS3?

Besides that: where can I find the disassembler/debugger for the self/elf files of PS3?

It seems that more than just the menu was removed so that seems unlikely.

As for the debugger/disassembler: they're part of the SDK. But I guess the debugger (gdb) won't work without a PS3 TEST since it has to do remote debugging. You can disassemble elf files with ppu-lv2-objdump and spu-lv2-objdump.

As for the debugger/disassembler: they're part of the SDK. But I guess the debugger (gdb) won't work without a PS3 TEST since it has to do remote debugging.

TEST and RETAIL units are the same hardware-wise. So it is just a matter of running TEST firmware on a RETAIL unit - I think that is nearing.

Also - are you talking about the stock gdb available with the open-source PS3 toolchain, or is gdb part of the leaked SDK? The open-source version does not rely on anything from PS3 TEST FW - once the binaries produced by the toolchain are happily running on RETAIL PS3s there will be a way of running them under gdb (similar to how psp-gdb runs on retail PSPs).

TEST and RETAIL units are the same hardware-wise. So it is just a matter of running TEST firmware on a RETAIL unit - I think that is nearing.

Yeah - as soon as TEST FW runs on retail HW without any limitations, this issue will likely go away.

Originally Posted by RexVF5

Also - are you talking about the stock gdb available with the open-source PS3 toolchain, or is gdb part of the leaked SDK? The open-source version does not rely on anything from PS3 TEST FW - once the binaries produced by the toolchain are happily running on RETAIL PS3s there will be a way of running them under gdb (similar to how psp-gdb runs on retail PSPs).

I guess it will be quite a challenge to get the open source SDK to a point where debugging with GDB will be possible. Only remote debugging is possible which means that the host part of GDB has to be ported to GameOS Lv-2 which might be tricky to pull off.

The GDB binaries from the leaked SDK (ppu-lv2-gdb, spu-lv2-gdb) seem to rely on a separate communication manager for communication with the console. The counterpart of this communication manager is most likely only contained in debug FW.

It seems that more than just the menu was removed so that seems unlikely.

As for the debugger/disassembler: they're part of the SDK. But I guess the debugger (gdb) won't work without a PS3 TEST since it has to do remote debugging. You can disassemble elf files with ppu-lv2-objdump and spu-lv2-objdump.

AFAIK the first version of the patch removed only an XMB menu, so it was possible to enable it. Perhaps you're right. All we need to do is backport the exploit to an earlier version of the firmware and analyze the dump.

Thanks for the objdump hint. I figured out that debugging is only possible remotely, but I'm used to gdb for disassembling as well (mainly using x/10i or something similar).

And I got another idea. If someone has a running console with OtherOS capability and thus working Linux, we might try to debug (and run portions of its code to analyze) the GameOS under it.

A lot of hacking would be needed to tweak GameOS to run in user space (something like User Mode Linux), but it should be easier to analyze a function if you can actually run it in a virtualized environment. It's just an idea. Unfortunately I've lost access to Linux on my PS3 when I upgraded to 3.41.

I have no time to verify it but will the ppu-lv2-objdump be of any use if I want to deal with GameOS memory dump? Doesn't it work with ELF files only?

I have a lot of questions, and I hope someone here can help me answer them.

For the last week I have been playing around with the xml files and the xRegistry file. I think that I partly understand the xml files and what they do. They are the connection between the GameOS and the FW files.

I have been able to add some "new shortcuts", move them around between the different categories and change their function.

But then there is the category_sysconf.xml file... it does nothing, you can delete it, and nothing happens. Why? Is it loaded during booting, because it is already loaded when you enter the menu screen, and the other categories are not? Or is the file not in use any more, "leftovers" from an older FW? But then it should have contained the OtherOS launch command...

And the commands from category_sysconf.xml won't run in any other category xml file. The icons won't show up; you only see the loading circle on all the "shortcuts". And it is not possible to start them, but it is possible to "browse" two of them, total 18. There are 13 and 5 in the two that you can "browse". edyviewer and tool_debug_settings?

If it is loaded during booting, what needs to be done to enable the debug setting? xRegistry doesn't seem to do anything... Or is this because the Settings menu is LV1?

How is the TEST fw different from the RETAIL, does it contain more files? Or do they contain the same files, but configured differently?

If they are completely different fw's, why does the Retail fw contain the references to the debug setting, in the category_sysconf.xml and in the xRegistry?

Does the retail contain a "light" version of the debug settings? Can even Sony use the debug settings on a retail, has anybody heard about this being done?

Has anyone ever been able to extract the dev_flash and the xRegistry from a TEST unit? If so, does the xRegistry file contain the same options? And I haven't seen the OtherOS anywhere in these files.

If the "Settings" category needs LV1 to be changed, then no "sony OtherOS" in fw3.41. But if it is only loaded during the boot sequence, maybe PSGroove can be modified to do the same job as the "usb firm loader"? And we will be able to add and modify the Settings category.